Using Debug Commands

Transcription

1 CHAPTER 1 Using Debug Commands This chapter explains how you use debug commands to diagnose and resolve internetworking problems. Specifically, it covers the following topics: Entering debug commands Using the debug? command Using the debug all command Generating debugging output Redirecting debugging output Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use. Entering Debug Commands All debug commands are entered in privileged EXEC mode, and most debug commands take no arguments. For example, to enable the debug broadcast command, enter the following in privileged EXEC mode at the command line: debug broadcast To turn off the debug broadcast command, in privileged EXEC mode, enter the no form of the command at the command line: no debug broadcast Alternately, in privileged EXEC mode, you can enter the undebug form of the command: undebug broadcast To display the state of each debugging option, enter the following at the command line in privileged EXEC mode: show debugging Using Debug Commands 1-1

2 Using the Debug? Command Using the Debug? Command To list and see a brief description of all the debugging command options, enter the following command in privileged EXEC mode at the command line: debug? Not all debugging commands listed in this output are described in this document. Commands are included here based on the their usefulness in assisting you to diagnose network problems. Commands not included are typically used internally by engineering during the development process and are not intended for use outside this environment. Using the Debug All Command To enable all system diagnostics, enter the following command in privileged EXEC mode at the command line: debug all The no debug all command turns off all diagnostic output. Using the no debug all command is a convenient way to ensure that you have not accidentally left any debug commands turned on. Caution Because debugging output takes priority over other network traffic, and because the debug all command generates more output than any other debug command, it can severely diminish the router s performance or even render it unusable. In virtually all cases, it is best to use more specific debug commands. Generating Debug Command Output Enabling a debug command can result in output similar to the example shown in Figure 1-1 for the debug broadcast command. Figure 1-1 Example Debug Broadcast Output router# debug broadcast Ethernet0: Broadcast ARPA, src c00.6fa4, dst ffff.ffff.ffff, type 0x0800, data FF11EA7B, len 60 Serial3: Broadcast HDLC, size 64, type 0x800, flags 0x8F00 Serial2: Broadcast PPP, size 128 Serial7: Broadcast FRAME-RELAY, size 174, type 0x800, DLCI 7a The router continues to generate such output until you enter the corresponding no debug command (in this case, no debug broadcast). If you enable a debug command and no output is displayed, consider the following possibilities: The router may not be properly configured to generate the type of traffic you want to monitor. Use the show running-config command to check its configuration. Even if the router is properly configured, it may not generate the type of traffic you want to monitor during the particular period that debugging is turned on. Depending on the protocol you are debugging, you can use commands such as the TCP/IP ping command to generate network traffic. 1-2 Debug Command Reference

3 Redirecting Debugging and Error Message Output By default, the network server sends the output from debug commands and system error messages to the console terminal. If you use this default, monitor debugging output using a virtual terminal connection, rather than the console port. To redirect debugging output, use the logging command options within configuration mode as described in the following sections. Possible destinations include the console terminal, virtual terminals, internal buffer, and UNIX hosts running a syslog server. The syslog format is compatible with 4.3 Berkeley Standard Distribution (BSD) UNIX and its derivatives. Note Be aware that the debugging destination you use affects system overhead. Logging to the console produces very high overhead, whereas logging to a virtual terminal produces less overhead. Logging to a syslog server produces even less, and logging to an internal buffer produces the least overhead of any method. To configure message logging, you need to be in configuration command mode. To enter this mode, use the configure terminal command at the EXEC prompt. Enabling Message Logging To enable message logging to all supported destinations other than the console, enter the following: logging on The default condition is logging on. To direct logging to the console terminal only and disable logging output to other destinations, enter the following command: no logging on Setting the Message Logging Levels You can set the logging levels when logging messages to the following: Console Monitor Syslog server Table 1-1 lists and briefly describes the logging levels and corresponding keywords you can use to set the logging levels for these types of messages. The highest level of message is level 0, emergencies. The lowest level is level 7, debugging, which also displays the greatest amount of messages. For information about limiting these messages, see sections later in this chapter. Using Debug Commands 1-3

4 Table 1-1 Message Logging Keywords and Levels Level Keyword Description Syslog Definition 0 emergencies System is unusable. LOG_EMERG 1 alerts Immediate action is needed. LOG_ALERT 2 critical Critical conditions exist. LOG_CRIT 3 errors Error conditions exist. LOG_ERR 4 warnings Warning conditions exist. LOG_WARNING 5 notification Normal, but significant, conditions exist. LOG_NOTICE 6 informational Informational messages. LOG_INFO 7 debugging Debugging messages. LOG_DEBUG Limiting the Types of Logging Messages Sent to the Console To limit the types of messages that are logged to the console, use the logging console router configuration command. The full syntax of this command follows: logging console level no logging console The logging console command limits the logging messages displayed on the console terminal to messages up to and including the specified severity level, which is specified by the level argument. The level argument is one of the keywords listed in Table 1-1. They are listed in order from the most severe level to the least severe. The no logging console command disables logging to the console terminal. Example The following example sets console logging of messages at the debugging level, which is the least severe level and will display all logging messages: logging console debugging Logging Messages to an Internal Buffer The default logging device is the console; all messages are displayed on the console unless otherwise specified. To log messages to an internal buffer, use the logging buffered router configuration command. The full syntax of this command follows: logging buffered no logging buffered The logging buffered command copies logging messages to an internal buffer instead of writing them to the console terminal. The buffer is circular in nature, so newer messages overwrite older messages. To display the messages that are logged in the buffer, use the privileged EXEC command show logging. The first message displayed is the oldest message in the buffer. The no logging buffered command cancels the use of the buffer and writes messages to the console terminal (the default). 1-4 Debug Command Reference

5 Limiting the Types of Logging Messages Sent to Another Monitor To limit the level of messages logged to the terminal lines (monitors), use the logging monitor router configuration command. The full syntax of this command follows: logging monitor level no logging monitor The logging monitor command limits the logging messages displayed on terminal lines other than the console line to messages with a level up to and including the specified level argument. The level argument is one of the keywords listed in Table 1-1. To display logging messages on a terminal (virtual console), use the privileged EXEC command terminal monitor. The no logging monitor command disables logging to terminal lines other than the console line. Example The following example sets the level of messages displayed on monitors other than the console to notification: logging monitor notification Logging Messages to a UNIX Syslog Server To log messages to the syslog server host, use the logging router configuration command. The full syntax of this command follows: logging ip-address no logging ip-address The logging command identifies a syslog server host to receive logging messages. The ip-address argument is the IP address of the host. By issuing this command more than once, you build a list of syslog servers that receive logging messages. The no logging command deletes the syslog server with the specified address from the list of syslogs. Limiting Messages to a Syslog Server To limit the number of messages sent to the syslog servers, use the logging trap router configuration command. The full syntax of this command follows: logging trap level no logging trap The logging trap command limits the logging messages sent to syslog servers to messages with a level up to and including the specified level argument. The level argument is one of the keywords listed in Table 1-1. To send logging messages to a syslog server, specify its host address with the logging command. The default trap level is informational. The no logging trap command disables logging to syslog servers. The current software generates four categories of syslog messages: Error messages about software or hardware malfunctions, displayed at the errors level. Interface up/down transitions and system restart messages, displayed at the notification level. Using Debug Commands 1-5

6 Reload requests and low-process stack messages, displayed at the informational level. Output from the debug commands, displayed at the debugging level. The privileged EXEC command show logging displays the addresses and levels associated with the current logging setup. The command output also includes ancillary statistics. Example of Setting Up a UNIX Syslog Daemon To set up the syslog daemon on a 4.3 BSD UNIX system, include a line such as the following in the file /etc/syslog.conf: local7.debugging /usr/adm/logs/tiplog The local7 keyword specifies the logging facility to be used. The debugging keyword specifies the syslog level. See Table 1-1 for other keywords that can be listed. The UNIX system sends messages at or above this level to the specified file, in this case /usr/adm/logs/tiplog. The file must already exist, and the syslog daemon must have permission to write to it. For the System V UNIX systems, the line should read as follows: local7.debug /usr/admin/logs/cisco.log 1-6 Debug Command Reference

Using Debug Commands This chapter explains how you use debug commands to diagnose and resolve internetworking problems. Specifically, it covers the following topics: Entering debug commands Using the debug?

CHAPTER 25 This chapter describes how to configure system message logging on the Catalyst 2960 switch. Note For complete syntax and usage information for the commands used in this chapter, see the Cisco

System Message Logging This module describes how to configure system message logging on your wireless device in the following sections: Understanding System Message Logging, page 1 Configuring System Message

Configuring Syslog Server on Cisco Routers with Cisco SDM Syslog is a standard for forwarding log messages in an Internet Protocol (IP) computer network. It allows separation of the software that generates

CHAPTER 1 This chapter describes how to configure system message logging on the Cisco 4700 Series Application Control Engine (ACE) appliance. Each ACE contains a number of log files that retain records

Lab 5.5 Configuring Logging Learning Objectives Configure a router to log to a Syslog server Use Kiwi Syslog Daemon as a Syslog server Configure local buffering on a router Topology Diagram Scenario In

Lab 7.2.9 Load Balancing Across Multiple Paths Objective Configure Load balance across multiple paths. Observe the load balancing process. Background/Preparation Cable a network similar to the one in the

CHAPTER 2 This chapter describes what you need to know before you begin configuring your router with Cisco IOS software (the software that runs your router) This chapter contains the following sections:

About Cisco PIX Firewalls The PIX firewall requires extensive provisioning to meet both industry best practices and regulatory compliance. By default the firewall operating system allows various methods

Lab 11.5.6.1 Configure Syslog on AP Estimated Time: 25 minutes Number of Team Members: Students will work in teams of two. Objective In this lab, students will configure and use syslog logging to monitor

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. CHAPTER 5 OBJECTIVES Configure a router with an initial configuration. Use the

Chapter 11 Router Fundamentals The startup routines for Cisco IOS Software have the goal of starting router operations. The router uses information from the configuration file when it starts up. The configuration

Lab 2.3.3 Configure Intrusion Prevention on the PIX Security Appliance Objective Scenario Topology In this lab exercise, the students will complete the following tasks: Configure the use of Cisco Intrusion

This chapter describes how to configure system message logging on the Cisco Nexus 5000 Series switch and contains the following sections: Information About System Message Logging, page 1, page 2 Verifying

NetFlow Subinterface Support Feature History Release Modification 12.2(14)S This feature was introduced. 12.2(15)T This feature was integrated into Cisco IOS Release 12.2 T. This document describes the

52 CHAPTER This chapter describes how to configure and manage logs for the ASASM/ASASM and includes the following sections: Information About Logging, page 52-1 Licensing Requirements for Logging, page

CHAPTER 3 Connecting to the Firewall Services Module and This chapter describes how to access the command-line interface and work with the configuration. This chapter includes the following sections: Connecting

3.1 Connecting to a Router and Basic Configuration Objective This lab will focus on the ability to connect a PC to a router in order to establish a console session and observe the user interface. A console

System Log Setup (RTA1025W Rev2) System Log As shown on the web page, you can view the system log and configure system log whenever you want. To view the system log, you must configure system log first.

Backing Up and Restoring Data Cisco Unity Express backup and restore functions use an FTP server to store and retrieve data. The backup function copies the files from the Cisco Unity Express application

LAB THREE STATIC ROUTING In this lab you will work with four different network topologies. The topology for Parts 1-4 is shown in Figure 3.1. These parts address router configuration on Linux PCs and a

Doc. No. 78-0944-06A0 June 14, 1993 Terminal Server Configuration and Reference Errata This document supplies corrections and additional informaiton for the 9.0 version of the Cisco publication Terminal

How To Set Up LocalDirector Syslog Document ID: 3995 LocalDirector is now End of Sale. Refer to the Cisco LocalDirector 400 Series bulletins for more information. Contents Introduction Before You Begin

Lab 4.2.4 Advanced Telnet Operations Objective Use the telnet command to remotely access other routers. Verify that the application layer between the source and the destination is working properly. Suspend

orrelogtm Security Correlation Server Quick Installation Guide This guide provides brief information on how to install the CorreLog Server system on a Microsoft Windows platform. This information can also

This chapter describes the router recovery methods in ROM Monitor (ROMMON) mode of the router. Table 1: Feature History for Router Recovery with the ROM Monitor Release Modification Release 4.2.0 A new

CHAPTER 5 This chapter describes how to configure system message logging on Cisco NX-OS devices. This chapter includes the following sections: Information About System Message Logging, page 5-1 Licensing

CHAPTER 3 This chapter describes how to use the Cisco IOS software command-line interface (CLI) to configure basic Cisco VG224 functionality This chapter presents the following major topics: Configuring

First Published: March 20, 2006 Last Updated: September 22, 2009 The feature distributes authentication, authorization, and accounting (AAA) authentication and accounting transactions across servers in

Configuring the Firewall Management Interface The firewall management interface can be configured under each firewall context to provide a virtualized management interface (see Figure 7). The management

CHAPTER 62 This chapter describes how to configure the port security feature. For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS Master List, at this URL:

APPENDIX B This appendix describes the Cisco router ROM monitor (also called the bootstrap program). The ROM monitor firmware runs when the router is powered up or reset. The firmware helps to initialize

CS312 LAB 3 - CONFIGURING A ROUTER Be sure to leave the lab connected in the same way that you found it. If you change the configuration of the network, it may be difficult for the next person to complete

jodbc Service and SQL Catalog jbase_agent {options} The jbase_agent command can be run from the command prompt (windows) or shell (Linux) as a foreground process for testing and setup and is also the service

PIM SOFTWARE Configuring the Syslog Feature TECHNICAL REFERENCE TR50 Published: 5/14/08 Syslogs are typically used for computer system management and security audits and are supported by a wide variety

Router Security Audit Logs The Router Security Audit Logs feature allows users to configure audit trails, which track changes that have been made to a router that is running Cisco IOS software. History

Problem: Patton / 240T WAN Setup Platform: NetGuardian 240T This TKP is a guide to setting up a PPP to T1 WAN connection between a Patton Model 2603 Router and a NetGuardian 240T. The example in this guide

NetFlow v9 Export Format With this release, NetFlow can export data in NetFlow v9 (version 9) export format. This format is flexible and extensible, which provides the versatility needed to support new

Configuration Fundamentals Overview This chapter provides an overview of Cisco IOS software configuration, describes the chapters in this document, and suggests sections to read based on various situations.

CHAPTER 2 This chapter describes how to manage the software licenses for your Cisco 4700 Series Application Control Engine (ACE) appliance. It contains the following major sections: Information about ACE

The feature addresses the limitation of qualifying Internet Control Management Protocol (ICMP) messages into either a malicious or benign category by allowing the Cisco IOS firewall to use stateful inspection

25 CHAPTER This chapter describes how to configure EtherChannel interfaces. For complete syntax and usage information for the commands used in this chapter, refer to the Catalyst 2950 Desktop Switch Command

CHAPTER 13 Revised: April 27, 2011, OL-20458-01 This chapter describes how to configure iscsi multipath for multiple routes between a server and its storage devices. This chapter includes the following

show vrrp show vrrp To display a brief or detailed status of one or all configured Virtual Router Redundancy Protocol (VRRP) groups on the router, use the show vrrp command in privileged EXEC mode. show

Service Managed Gateway TM Issue 1.3 Date 10 March 2006 Table of contents 1 Introduction... 3 1.1 What is a firewall?... 3 1.2 The benefits of using a firewall... 3 2 How to configure firewall settings

CHAPTER 9 This chapter describes how to configure basic settings on your ASASM that are typically required for a functioning configuration. This chapter includes the following sections: Configuring the

1 PIX OS Versions - The PIX OS Command-Line Interface - The operating system for Cisco PIX/ASA firewalls is known as the PIX OS. Because the PIX product line was acquired and not originally developed by